SUN » Java System Web Server » 6.0 sp5 : Security Vulnerabilities, CVEs, Published In 2006
HTTP request smuggling vulnerability in Sun Java System Proxy Server before 20061130, when used with Sun Java System Application Server or Sun Java System Web Server, allows remote attackers to bypass HTTP request filtering, hijack web sessions, perform cross-site scripting (XSS), and poison web caches via unspecified attack vectors.
Max CVSS
6.8
EPSS Score
1.26%
Published
2006-12-04
Updated
2024-02-09
Sun Java System Application Server (SJSAS) 7 through 8.1 and Web Server (SJSWS) 6.0 and 6.1 allows remote authenticated users to read files outside of the "document root directory" via a direct request using a UTF-8 encoded URI.
Max CVSS
4.0
EPSS Score
0.34%
Published
2006-07-28
Updated
2017-07-20
2 vulnerabilities found